Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 21-09-2016
Uruchomiony przez ULA (22-09-2016 23:12:11)
Uruchomiony z C:\Users\ULA\Downloads
Windows 10 Pro Wersja 1511 (X64) (2016-02-13 17:45:09)
Tryb startu: Normal
==========================================================

==================== Konta użytkowników: =============================

Administrator (S-1-5-21-3731761838-2529421182-3744087246-500 - Administrator - Disabled)
Gość (S-1-5-21-3731761838-2529421182-3744087246-501 - Limited - Disabled)
Konto domyślne (S-1-5-21-3731761838-2529421182-3744087246-503 - Limited - Disabled)
ULA (S-1-5-21-3731761838-2529421182-3744087246-1001 - Administrator - Enabled) => C:\Users\ULA

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

«The Sims 3 Deluxe Edition» (build 10.2) (HKLM-x32\...\«The Sims 3 Deluxe Edition»_is1) (Version: - R.G. Catalyst)
Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Age of Mythology: Extended Edition Tale of the Dragon (HKLM\...\YWdlb2ZteXRob2xvZ3lleHRlbmRlZGVkaXRpb24_is1) (Version: 1 - )
Aktualizacje NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
BitComet 1.40 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.40 - CometNetwork)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Cathy's Crafts Platinum Edition version 1.0 (HKLM-x32\...\Cathy's Crafts Platinum Edition_is1) (Version: 1.0 - )
Delicious 13 Emilys Message In A Bottle Platinum Edition version 1.0.2 (HKLM-x32\...\Delicious 13 Emilys Message In A Bottle Platinum Edition_is1) (Version: 1.0.2 - Muhammad Usman)
ETDWare X64 15.7.0.1_WHQL (HKLM\...\Elantech) (Version: 15.7.0.1 - ELAN Microelectronic Corp.)
Games Manager (HKU\S-1-5-21-3731761838-2529421182-3744087246-1001\...\GamesManager) (Version: 2.13.5.801 - iWin Inc.)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Heart's Medicine - Time to Heal Platinum Edition (HKLM-x32\...\Heart's Medicine - Time to Heal Platinum Edition) (Version: 1.0.0 - LeeGT-Games)
Home Makeover 3 (HKLM-x32\...\Home Makeover 3) (Version: 1.00 - Oberon Media)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
KMSnano 24 (HKLM\...\KMSnano 24_is1) (Version: KMSnano 24 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.84 - NVIDIA Corporation)
Panel sterowania NVIDIA 353.84 (Version: 353.84 - NVIDIA Corporation) Hidden
PIT Format 2015 (HKLM-x32\...\PIT Format 2015_is1) (Version: - Biuro Informatyki Stosowanej FORMAT)
Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
Rejestracja użytkownika drukarki Canon MP280 series (HKLM-x32\...\Rejestracja użytkownika drukarki Canon MP280 series) (Version: - )
S Agent (Version: 1.1.57 - Samsung Electronics Co., Ltd.) Hidden
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-3731761838-2529421182-3744087246-1001\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.63.4 - Electronic Arts)
The Sims™ 3 Diesel Каталог (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Katy Perry Сладкие радости (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims™ 3 В сумерках (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
The Sims™ 3 Вперед в будущее (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Времена года (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Все возрасты (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Городская жизнь Каталог (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 Изысканная спальня Каталог (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Карьера (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.10.1 - Electronic Arts)
The Sims™ 3 Кино Каталог (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
The Sims™ 3 Мир приключений (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.9.10 - Electronic Arts)
The Sims™ 3 Отдых на природе Каталог (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)
The Sims™ 3 Питомцы (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Райские острова (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Сверхъестественное (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Скоростной режим Каталог (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.8.1 - Electronic Arts)
The Sims™ 3 Современная роскошь Каталог (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.9.6 - Electronic Arts)
The Sims™ 3 Стильные 70-е, 80-е, 90-е Каталог (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Студенческая жизнь (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 Шоу-бизнес (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{67847964-08E2-4A8F-B09D-B08D5CE69250}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3118281) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E34F92E8-F338-4749-BE58-E77D605FE648}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3118281) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E34F92E8-F338-4749-BE58-E77D605FE648}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3118281) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{E34F92E8-F338-4749-BE58-E77D605FE648}) (Version: - Microsoft)
WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-3731761838-2529421182-3744087246-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\ULA\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\FileCoAuth.exe (Microsoft Corporation)

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {1EF228E3-06C7-4D3F-A2B6-E9CEC68F5312} - System32\Tasks\{8EE5C568-6B5F-47E7-AAF1-6A4A7CF0F86B} => pcalua.exe -a "E:\Gry\Fairy Godmother Tycoon\Uninstall.exe"
Task: {2575DE14-3214-4EB8-A8A8-6DB0A7267422} - System32\Tasks\SafeZone scheduled Autoupdate 1458422975 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {54C271AA-1E8B-4480-840A-70BCDD9D00DD} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated)
Task: {551E0E81-F9D2-447A-A4A8-B6CE38406C64} - System32\Tasks\{41107203-F5ED-4F01-87D5-C9820B27554F} => pcalua.exe -a "E:\Gry\Lavenders Botanicals\Uninstall.exe"
Task: {554E1A96-E7BD-46F6-A29A-7375ECF86C7C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)
Task: {5C530123-A98C-40CF-AC53-E8A7C85DE0F0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {64049DC7-E247-49B8-8798-FE786C6C9504} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2016-01-13] (Samsung Electronics Co., Ltd.)
Task: {76948408-2806-4163-8359-5F94ED8E71DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-12] (Google Inc.)
Task: {8D717BA8-234A-41C9-A4D7-548588532841} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-09-17] (Microsoft Corporation)
Task: {8E9F4BE9-CA4F-4641-B847-8C315DA8BBED} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {A72C953B-3448-44C3-811F-784212D107BF} - System32\Tasks\{5880C373-D326-4742-997B-3D74B8409E5C} => pcalua.exe -a "E:\Gry\Incredible Zoo\Uninstall.exe"
Task: {AB352DA6-6C0F-475B-906B-A9E8B44EACFA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {E04A59A4-1250-4A50-8F2F-C7DAC0A9B925} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-08] (AVAST Software)
Task: {F0A38F24-A2EC-464D-8D21-5948A32DFC08} - System32\Tasks\Driver Booster SkipUAC (ULA) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {F389AE0C-704B-4E7A-AB1B-97D019EC31EA} - System32\Tasks\Trigger KMS Activation => E:\Programy\KMSnano\TriggerKMS.exe [2013-01-26] ()
Task: {FB6554CF-62B9-47E5-ADC9-7E89C734659B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-12] (Google Inc.)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

ShortcutWithArgument: C:\Users\ULA\Desktop\Play iWin Games.lnk -> C:\Users\ULA\AppData\Local\GamesManager\GamesManager.exe (iWin Inc) -> -config.channel=00000000 -config.uri=hxxp://gm/iwin/index.html
ShortcutWithArgument: C:\Users\ULA\Desktop\Skróty\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://tech-connect.biz/?ssid=1474458375&a=1054667&src=sh&uuid=b5fad6aa-3a2e-45c2-a74b-871088c593f0,1474458344190"
ShortcutWithArgument: C:\Users\ULA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSN Games\Play MSN Games.lnk -> C:\Users\ULA\AppData\Local\GamesManager\GamesManager.exe (iWin Inc) -> -config.channel=11008813 -config.uri=hxxp://gm/iwin/index.html
ShortcutWithArgument: C:\Users\ULA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iWin Games\Play iWin Games.lnk -> C:\Users\ULA\AppData\Local\GamesManager\GamesManager.exe (iWin Inc) -> -config.channel=00000000 -config.uri=hxxp://gm/iwin/index.html
ShortcutWithArgument: C:\Users\ULA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iWin Games\Games\Launch - Build-A-Lot 2.lnk -> C:\Users\ULA\AppData\Local\GamesManager\GamesManager.exe (iWin Inc) -> -config.channel=00000000 -config.sku=1736567412594460528 -config.uri=hxxp://gm/iwin/index.html
ShortcutWithArgument: C:\Users\ULA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://tech-connect.biz/?ssid=1474458375&a=1054667&src=sh&uuid=b5fad6aa-3a2e-45c2-a74b-871088c593f0,1474458344190"
ShortcutWithArgument: C:\Users\ULA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://tech-connect.biz/?ssid=1474458375&a=1054667&src=sh&uuid=b5fad6aa-3a2e-45c2-a74b-871088c593f0,1474458344190"
ShortcutWithArgument: C:\Users\ULA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://tech-connect.biz/?ssid=1474458375&a=1054667&src=sh&uuid=b5fad6aa-3a2e-45c2-a74b-871088c593f0,1474458344190"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk -> C:\Program Files\AVAST Software\SZBrowser\launcher.exe (Avast Software) -> "hxxp://tech-connect.biz/?ssid=1474458375&a=1054667&src=sh&uuid=b5fad6aa-3a2e-45c2-a74b-871088c593f0,1474458344190"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://tech-connect.biz/?ssid=1474458375&a=1054667&src=sh&uuid=b5fad6aa-3a2e-45c2-a74b-871088c593f0,1474458344190"

==================== Załadowane moduły (filtrowane) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-05-08 23:33 - 2016-05-08 23:33 - 00137920 _____ () C:\Program Files\AVAST Software\Avast\x64\log.dll
2016-02-13 19:28 - 2015-08-07 19:18 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-04 19:26 - 2010-04-05 21:55 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2016-07-12 20:54 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-02-12 23:54 - 2016-02-12 23:54 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-04-19 18:14 - 2016-04-19 18:15 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-07-12 20:54 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-13 19:14 - 2016-02-13 19:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-12 20:56 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-12 20:56 - 2016-07-01 05:49 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2016-07-12 20:54 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-12 20:54 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-12 20:54 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-12 20:54 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-21 15:27 - 2015-07-21 15:27 - 00238248 _____ () E:\Programy\Office\Office15\IEAWSDC.DLL
2016-09-21 13:46 - 2016-09-21 13:46 - 05068544 _____ () C:\Users\ULA\AppData\Local\Temp\6677-7e05-f38f-bb14.exe
2016-08-16 20:06 - 2016-08-16 20:08 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-08-16 20:06 - 2016-08-16 20:08 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-03 20:21 - 2016-06-03 20:22 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-03-03 21:00 - 2016-03-03 21:01 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-08-25 18:20 - 2016-08-25 18:20 - 03763712 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-10-30 09:18 - 2015-10-30 09:18 - 02100064 _____ () C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
2016-09-17 16:21 - 2016-09-14 04:52 - 02280264 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-17 16:21 - 2016-09-14 04:52 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll
2016-09-22 22:45 - 2016-09-12 17:48 - 30996160 _____ () C:\Users\ULA\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.166\pepflashplayer.dll
2016-05-08 23:33 - 2016-05-08 23:33 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-05-08 23:33 - 2016-05-08 23:33 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-05-08 23:33 - 2016-05-08 23:33 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-05-08 23:33 - 2016-05-08 23:33 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-09-15 19:40 - 2016-09-15 19:40 - 03085624 _____ () C:\Program Files\AVAST Software\Avast\defs\16091500\algo.dll
2016-09-22 21:58 - 2016-09-22 21:58 - 03118360 _____ () C:\Program Files\AVAST Software\Avast\defs\16092201\algo.dll
2016-02-13 20:20 - 2016-02-13 20:20 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-04-19 18:14 - 2016-04-19 18:15 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 18:14 - 2016-04-19 18:15 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)

AlternateDataStreams: C:\Users\ULA\Downloads\Badanie Profilu Inwestycyjnego Klienta.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\ULA\Downloads\Club Control.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\ULA\Downloads\FAKTURA-P-6684962-16010674792607-00082763.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\ULA\Downloads\forest.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\ULA\Downloads\Informacja_o_wyniku_naboru.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\ULA\Downloads\Path to Success.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\ULA\Downloads\Raport (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\ULA\Downloads\RorysRestaurantWinterRushAB.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\ULA\Downloads\Tłumaczenie pytań MBTI.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\ULA\Downloads\UpdLvndrsBtnclsAB.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\ULA\Downloads\VA SteepMusic 50 Dubstep Vol 58 [2015] MP3 [320 kbps].torrent:$CmdZnID [26]
AlternateDataStreams: C:\Users\ULA\Downloads\va_dub_now_weekly_dubstep_099_[tfile.me].torrent:$CmdZnID [26]
AlternateDataStreams: C:\Users\ULA\Downloads\YoureThBossAB.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\ULA\Downloads\ZALACZNIK-P-6684962-16010674792607-00082764.pdf:$CmdZnID [26]

==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)

==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

==================== Hosts - zawartość: ===============================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-3731761838-2529421182-3744087246-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ULA\Downloads\na-pulpit.com-woda-kwiaty-magnolii-kamienie.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-3731761838-2529421182-3744087246-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3731761838-2529421182-3744087246-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3731761838-2529421182-3744087246-1001\...\StartupApproved\Run: => "Steam"

==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A9CB0F5B-0D64-4307-8605-6C7B3616BEB8}] => (Allow) E:\Programy\BitComet\BitComet.exe
FirewallRules: [{B77C9A1B-14F3-42BB-B1E0-3763CE219874}] => (Allow) E:\Programy\BitComet\BitComet.exe
FirewallRules: [{D61E21C6-7BC2-495D-8928-F1D338850B09}] => (Allow) E:\Programy\Steam.exe
FirewallRules: [{0C960EDB-575A-4B2D-B354-FEA06B120B2F}] => (Allow) E:\Programy\Steam.exe
FirewallRules: [{135AE07C-58D1-4D7C-8C2E-D74BC0F5B152}] => (Allow) E:\Programy\bin\steamwebhelper.exe
FirewallRules: [{44349DF0-D2FB-489F-837E-F7F601BD68E4}] => (Allow) E:\Programy\bin\steamwebhelper.exe
FirewallRules: [{FC5B984C-CC1A-4ED4-BC9B-4056157E48A3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CF3AF2C4-AAEE-4AFC-8A6D-7F897B0154E8}] => (Allow) E:\Programy\Office\Office15\lync.exe
FirewallRules: [{44FE4437-CCFA-402A-BE5F-9DCD6C411918}] => (Allow) E:\Programy\Office\Office15\lync.exe
FirewallRules: [{4D14E7EF-E31E-4721-AB5F-C3823A241E7E}] => (Allow) E:\Programy\Office\Office15\UcMapi.exe
FirewallRules: [{81B21D8E-BE7C-4724-9CB9-ED693D34E1FE}] => (Allow) E:\Programy\Office\Office15\UcMapi.exe
FirewallRules: [{7F283363-3578-46E6-B4EB-85D3D875BD67}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Punkty Przywracania systemu =========================

29-08-2016 23:48:00 ASU_MSI_TRAN
13-09-2016 19:57:09 Zaplanowany punkt kontrolny
17-09-2016 17:54:44 Windows Update

==================== Wadliwe urządzenia w Menedżerze urządzeń =============

==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (09/22/2016 10:26:29 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/21/2016 09:42:42 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/20/2016 11:36:26 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/19/2016 05:11:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-ATFN99U)
Description: Działanie pakietu Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe+App zostało zakończone, ponieważ operacja wstrzymywania pakietu trwała zbyt długo.

Error: (09/19/2016 09:22:54 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/18/2016 09:49:59 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/17/2016 05:55:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.
Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft.
System Error: Odmowa dostępu. .

Error: (09/17/2016 05:29:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: Chocolatier.RWG, wersja: 1.0.0.103, sygnatura czasowa: 0x46534166
Nazwa modułu powodującego błąd: DDRAW.dll, wersja: 10.0.10586.0, sygnatura czasowa: 0x5632d58e
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0004a6b3
Identyfikator procesu powodującego błąd: 0x1eb4
Godzina uruchomienia aplikacji powodującej błąd: 0x01d210f568341851
Ścieżka aplikacji powodującej błąd: C:\Users\ULA\Downloads\Chocolatier\Chocolatier\Chocolatier.RWG
Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\DDRAW.dll
Identyfikator raportu: 57eff029-1c72-41b3-81a2-5feeba125241
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (09/17/2016 03:50:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ATFN99U)
Description: Aktywacja aplikacji Microsoft.Windows.Photos_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (09/17/2016 09:47:15 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Dziennik System:
=============
Error: (09/19/2016 12:53:33 PM) (Source: disk) (EventID: 11) (User: )
Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk2\DR46.

Error: (09/19/2016 12:30:47 PM) (Source: disk) (EventID: 11) (User: )
Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR45.

Error: (09/17/2016 03:50:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ATFN99U)
Description: Serwer App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca nie zarejestrował się w modelu DCOM w wymaganym czasie.

Error: (09/16/2016 05:17:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT)
Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Narzędzie Windows do usuwania złośliwego oprogramowania dla systemów Windows 8, 8.1, 10 oraz Windows Server 2012 i 2012 R2 dla procesorów x64 — wrzesień 2016 (KB890830).

Error: (09/16/2016 03:45:31 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ATFN99U)
Description: Serwer App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca nie zarejestrował się w modelu DCOM w wymaganym czasie.

Error: (09/15/2016 10:01:04 PM) (Source: disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk4\DR32 wystąpił zły blok.

Error: (09/15/2016 10:01:02 PM) (Source: disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk4\DR32 wystąpił zły blok.

Error: (09/15/2016 10:00:59 PM) (Source: disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk4\DR32 wystąpił zły blok.

Error: (09/15/2016 10:00:57 PM) (Source: disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk4\DR32 wystąpił zły blok.

Error: (09/15/2016 10:00:54 PM) (Source: disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk4\DR32 wystąpił zły blok.

CodeIntegrity:
===================================
Date: 2016-09-01 23:17:02.190
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-28 21:53:17.647
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-26 20:43:29.589
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-13 12:59:28.618
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-07-23 13:24:22.560
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-17 04:54:46.500
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-17 02:55:21.411
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-15 23:21:19.477
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-21 16:22:48.615
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-14 19:34:53.701
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

==================== Statystyki pamięci ===========================

Procesor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Procent pamięci w użyciu: 42%
Całkowita pamięć fizyczna: 8104.18 MB
Dostępna pamięć fizyczna: 4638.71 MB
Całkowita pamięć wirtualna: 12416.83 MB
Dostępna pamięć wirtualna: 7693.07 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:269.91 GB) (Free:180.95 GB) NTFS
Drive e: () (Fixed) (Total:195.31 GB) (Free:136.77 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2D08491B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=269.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)

==================== Koniec Addition.txt ============================